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WHAT IS CLAIMED IS : 

1 . A computer comprising: 

an operating system controlling a computer resource; and 
an intrusion detection system integrated with the operating system and 
operable to monitor the computer resources to detect and prevent intrusion attempts. 

2. The computer, as set forth in claim 1, wherein the computer resource is 
selected from the group consisting of data storage system, mput/output system, a 
networking system, an appHcation program execution environment, and interfaces to 
peripheral devices. 

3. The computer, as set forth in claim 1, wherein the computer resource 
comprises an application program execution environment and a networking system 
under the control of the operating system and monitored by the intrusion detection 
system to detect, prevent and report intrusion attempts. 

4. The computer, as set forth in claim 1, further comprising an anti-virus 
system integrated with the operating system and operable to monitor the data storage 
system, input/output system, networking system, application program execution 
environment, and interfaces to peripheral devices to detect the presence of at least one 
virus. 

5. The computer, as set forth in claim 1, further comprising an anti-virus 
system integrated with the operating system and operable to monitor the data storage 
system, input/output system, networking system, appUcation program execution 
enviromnent, and interfaces to peripheral devices to detect and report the presence of 
at least one virus. 

6. The computer, as set forth in claim 2, wherein intrusion detection is 
integrated with a networking stack of the networking system above the hnk layer 
operable to access raw network frames. 
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7. The computer, as set forth in claim 2, wherein the intrusion detection 
system is integrated with a networking stack of the networking system above the 
network layer operable to access reassembled fragments. 

8. The computer, as set forth in claim 2, wherein the intrusion detection 
system is integrated with a networking protocol stack of the networking system above 
the transport layer. 

9. The computer, as set forth in claim 2, wherein the mtrusion detection 

system is integrated with a networking stack of the networking system between the 
network layer and the transport layer and between the transport layer and the 
appUcation layer. 

10. The computer, as set forth in claim 5, wherein the anti-virus system 
comprises a module operable to prevent reassembly of a virus. 

11. The computer, as set forth in claim 5, wherein the anti-virus system 
comprises a module operable to recognize a virus. 

12. The computer, as set forth in claim 5, wherein the anti-virus system 
comprises a module operable to prevent storage of a virus. 

13. The computer, as set forth in claim 5, wherein the anti-virus system 
comprises a module operable to prevent transmission of a virus. 

14. The computer, as set forth in claim 2, wherein the anti-vims system 
comprises a module operable to prevent execution of a virus. 

15. A method comprising: 

executing an OS-integrated intrusion detection system; and 
monitoring at least one computer resource to detect and prevent intrusion 
attempts. 
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16. The method, as set forth in claim 15, wherein monitoring at least one 
computer resotirce comprises monitoring at least one computer resource selected from 
the group consisting of a data storage system, an input/output system, a networking 
system, an application program execution environment, and interfaces to peripheral 

5 devices. 

17. The method, as set forth in claim 15, wherein monitoring at least one 
computer resource comprises reporting intrusion attempts. 

10 18. The method, as set forth in claim 16, further comprising integrating the 

intrusion detection system with a networking system above the link layer operable to 
access raw network frames. 

- 19. The method, as set forth in claim 15, further comprising integrating the 

J 15 intrusion detection system with a networking stack of the networking system above 

the network layer operable to access reassembled fragments. 

i 

^ 20. The method, as set forth in claim 15, further comprising integrating the 

intrusion detection system with a networking protocol stack of the networking system 
20 above the transport layer. 

21 . The method, as set forth in claim 1 5, further comprising integrating the 
intrusion detection system with a networking stack of the networking system between 
the network layer and the transport layer, and between the transport layer and the 

25 application layer. 

22. A method comprising: 

executing an OS-integrated anti-virus system; and 

monitoring at least one computer resource to detect the presence of at least one 

30 virus. 
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23. The method, as set forth in claim 22, wherein monitoring at least one 
computer resource comprises monitoring at least one computer resource selected from 
the group consisting of a data storage system, an input/output system, a networking 
system, an application program execution environment, and interfaces to peripheral 
devices. 

24. The method, as set forth in claim 22, wherein monitoring at least one 
computer resource comprises reporting the presence of at least one virus. 

25. The method, as set forth in claim 22, wherein the step of monitoring 
comprises detecting the reassembly of a virus. 

26. The method, as set forth in claim 22, wherein the step of monitoring 
comprises recognizing a virus. 

27. The method, as set forth in claim 22, wherein the step of monitoring 
comprises preventing the storage of a vims. 

28. The method, as set forth m claim 22, wherein the step of monitoring 
comprises preventing the transmission of a virus. 

29. The method, as set forth in claim 22, wherein the step of monitoring 
comprises preventing the execution of a virus. 



